Menu

Security

Security Overview

WinCux follows a practical desktop-security baseline with URL validation, scoped local file access, and controlled update paths.

Application Controls

  • - HTTPS-only external request paths.
  • - Host allow-listing for sensitive API operations.
  • - Input validation for native command boundaries.
  • - Scoped local asset protocol access.

Data Handling

  • - Local-first preferences and cache model.
  • - Optional analytics with user consent controls.
  • - No account login required for core desktop usage.

Responsible Disclosure

If you discover a potential vulnerability, report it privately with clear reproduction details, impact scope, and affected versions.

Contact: samcuxx@gmail.com